MavEtJu's Distorted View of the World

Strange transparent proxying

Posted on 2004-02-27 18:47:32, modified on 2006-01-09 16:29:21
Tags: Networking

Before you read this, I want to make it clear that I am totally sane. Well, mostly. Regarding networking-related issues you can trust my sanity. That's why this strange experience is bothering me.

My computers are connected to the internet via an ADSL modem, which is connected to the Comindico network. The machines I do most of my work on are also connected to the Comindico network. So most of the time the traffic is at the place it should be within a couple of hops:

Hostname                                %Loss  Rcv  Snt  Last Best  Avg  Worst
 1. ???
 2. rns02-kent-syd.comindico.com.au        0%   15   15    22   19   30     94
 3. 203.194.20.193                         0%   15   15    21   19   24     32
 4. ge6-2.1000.cor01-kent-syd.comindico    0%   15   15    20   18   22     28
 5. fe0-0.wsr03-kent-syd.comindico.com.    0%   15   15    18   18   40    204
 6. barnetworks-link.syd.comindico.com.    0%   14   14    22   19   22     29
 7. tim.barnet.com.au                      0%   14   14    22   19   25     47

Sometimes when I'm browsing the internet my HTTP session is captured and answered by an MS IIS server which tells me that the page doesn't exist. This is browser independent: it has happened with Mozilla, in a text-based browser and with wget. It is destination independent too: it happens to sites attached to the Comindico network, other Australian ones and overseas ones.

This is strange, because as far as I could tell these sites should be running some version of the Apache webserver...

It wasn't until today that I got a name to go with it: The construction site company. I was trying to update a ticket in our tracking system and suddenly got this ugly orange screen.

Please study the image: It's an IIS 404 screen. It refers to rt2.barnet.com.au, the site I was trying to access. It identifies itself as www.theconstructionsite.com.au. It has a banner on it referring to infomail.

The machine with hostname www.theconstructionsite.com.au (203.39.34.202) is located on the Telstra network. The image with 'infomail' came from the site www.infomail.com.au (203.39.34.203), also located on the Telstra network and owned by the people of theconstructionsite.com.au.

 1. ???
 2. rns02-kent-syd.comindico.com.au        0%   29   29    20   19   35    255
 3. 203.194.20.193                         0%   29   29    34   18   27    101
 4. ge6-2.1000.cor01-kent-syd.comindico    0%   29   29    21   18   24     48
 5. ge5-0-0.bdr01-kent-syd.comindico.co    0%   29   29    20   19   37    132
 6. POS2-1-0.un1.optus.net.au              0%   29   29    22   20   27    115
 7. 203.202.36.9                           0%   29   29    23   20   27     99
 8. gigabitethernet4-3.ken12.Sydney.tel    0%   29   29    22   21   41    241
 9. FastEthernet1-0.chw13.Sydney.telstr    0%   28   29    23   21   33    107
10. constr19.lnk.telstra.net               0%   28   28    28   27   45    130
11. 203.39.34.202                          0%   28   28    34   27   39    164

I checked the DNS cache: it still had more than 800 seconds before the record for rt2.barnet.com.au would expire. I checked the DNS querylog: no strange requests were made before the request for www.infomail.com.au.

I don't run a proxy server, I don't have strange firewall rules. And when I reloaded the page, the one I expected showed up again.

This happens about once per week that I'm aware of (I have a lot of HTTP traffic by automatic scripts which try to recover from errors so they would just retry when they get this message).
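As an added example (not part of the original post), a retry script could classify each response before retrying, so that a 404 answered by the wrong server is logged instead of silently retried. The raw responses, the Apache and IIS version strings and the function names are constructed for illustration, and the check assumes the real site answers with an Apache Server header.

```python
import re

# Heuristic: tokens with at least two dots, so file names like "index.html" are ignored.
HOST_RE = re.compile(r"\b(?:[a-z0-9-]+\.){2,}[a-z]{2,}\b")

def parse_response(raw):
    """Split a raw HTTP/1.x response into (status, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    status_line, _, header_block = head.partition("\r\n")
    status = int(status_line.split(" ", 2)[1])
    headers = {}
    for line in header_block.split("\r\n"):
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, body

def check_response(raw, requested_host, expected_server="Apache"):
    """Return reasons the response looks like it came from a different
    server than the one requested (empty list means nothing suspicious)."""
    status, headers, body = parse_response(raw)
    findings = []
    server = headers.get("server", "")
    if not server.lower().startswith(expected_server.lower()):
        findings.append(f"Server header {server!r} is not {expected_server}")
    if status >= 400:
        # An error page that names some other host is worth logging.
        foreign = sorted(set(HOST_RE.findall(body.lower())) - {requested_host})
        if foreign:
            findings.append("error page names other host(s): " + ", ".join(foreign))
    return findings

# Constructed sample responses (not captured traffic).
GOOD = ("HTTP/1.1 200 OK\r\nServer: Apache/1.3.29 (Unix)\r\n"
        "Content-Type: text/html\r\n\r\n<html>Ticket display</html>")
FOREIGN_404 = ("HTTP/1.1 404 Not Found\r\nServer: Microsoft-IIS/5.0\r\n"
               "Content-Type: text/html\r\n\r\n"
               "<html>rt2.barnet.com.au: page not found<br>"
               "www.theconstructionsite.com.au</html>")

if __name__ == "__main__":
    for name, raw in (("good", GOOD), ("foreign 404", FOREIGN_404)):
        print(name, check_response(raw, "rt2.barnet.com.au"))
```

Logging the findings with a timestamp next to each retry gives a record of how often the wrong server answers and for which destinations.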

I know it is nitpicking of me, and that I just should ignore it, but I can't stand it when a network designed to be logical does things which are illogical like this. Especially not when they can be a sign of something else going wrong.

More pictures with information: Mozilla - Media Info, Mozilla - Links Info, Mozilla - General Page Info

I've contacted my ADSL provider about it (that's not Comindico) and they will be looking into it, but I'm afraid it will be as much of a mystery for them as it is for me.

Comments:
From: carneeki@carneeki.net
URL: http://carneeki.net
Posted on: 2004-03-01 10:09:38
Comment: Possibly http accelerator doing external redirection?

If you're admin at both ends that could be a bit of a worry though. *grins*